package cn.itcast.web.controller;

import cn.itcast.domain.system.Module;
import cn.itcast.domain.system.User;
import cn.itcast.service.system.ModuleService;
import cn.itcast.service.system.UserService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;

import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.RequestMapping;

import java.util.List;

@Controller
public class LoginController extends BaseController {


    @Autowired
    private UserService userService;

    @Autowired
    private ModuleService moduleService;
     /*
        作用： 跳转到后台首页/home/main.jsp
     */

    @RequestMapping("/login")
    public String login(String email, String password) {
        //1. 判断邮箱与密码是否为空，如果为空跳回登录页面
        if (StringUtils.isEmpty(email) || StringUtils.isEmpty(password)) {
            request.setAttribute("error", "用户名或者密码不能为空");

            return "forward:/login.jsp";
        }


        try {
            //2. 获取subject对象
            Subject subject = SecurityUtils.getSubject();

            //3. 把用户名与密码封装到一个Token对象中
            UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken(email, password);

            //4. 使用subject对象把token发出登陆认证请求,其实本质上就是token传递给了realm
            subject.login(usernamePasswordToken);

            //5. realm认证完毕之后会给你返回一个登陆成功用户对象， shiro在你登陆成功后shiro自己会在session中设置很多登录成功标记

            User loginUser = (User) subject.getPrincipal();

            //shiro本质上已经做了登录成功标记，但是由于我们自己的代码也需要使用登陆者的信息，所以我们自己也会在session中做登陆者信息存储。

            session.setAttribute("loginUser", loginUser);

            List<Module> moduleList = moduleService.findModuleByUser(loginUser);

            session.setAttribute("modules", moduleList);

            return "home/main";
        } catch (UnknownAccountException e) {
            //一旦出现了UnknownAccountException带用户名不存在
            request.setAttribute("error", "用户名不存在");
            return "forward:/login.jsp";
        } catch (IncorrectCredentialsException e) {
            //一旦出现IncorrectCredentialsException 代表密码错误
            request.setAttribute("error", "密码错误");
            return "forward:/login.jsp";
        }







/*

        User user = userService.findByEmail(email);

        if (user != null) {
            if (user.getPassword().equals(password)) {
                session.setAttribute("loginUser", user);

              List<Module> moduleList = moduleService.findModuleByUser(user);

              session.setAttribute("modules",moduleList);

                return "home/main";

            } else {
                request.setAttribute("error", "密码错误");
                return "forward:/login.jsp";
            }
        }else {
            request.setAttribute("error","用户名不存在");
            return "forward:/login.jsp";
        }*/
    }


       /*
      作用： 后台首页的中间内容需要加载/home/home.jsp
   */

       @RequestMapping("/home")
       public String home() {
           return "home/home";
       }


    @RequestMapping("/logout")
    public String logout() {

        Subject subject = SecurityUtils.getSubject();
        subject.logout();

        session.invalidate();

        //request没有携带任何的数据，所以我使用请求重定向
        return "redirect:/login.jsp";

    }



}
